CVE-2013-4242

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:gnupg:gnupg:1.3.92:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.91:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.4.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.10:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.2.19:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.2.16:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.4:-:win32:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.2.15:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.93:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.11:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.0.0:-:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.2.18:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.2.17:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.2.1:windows:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.5:-:win32:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.90:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:0.4.5:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:gnupg:2.0.4:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:gnupg:libgcrypt:*:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:gnupg:libgcrypt:1.4.3:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

Information

Published : 2013-08-19 16:55

Updated : 2018-10-30 09:27


NVD link : CVE-2013-4242

Mitre link : CVE-2013-4242


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

gnupg

  • libgcrypt
  • gnupg

canonical

  • ubuntu_linux

debian

  • debian_linux

opensuse

  • opensuse